Privacy Notice

About CorinCorin Underwriting Limited (‘Corin’) gathers and processes your personal data in accordance with this Privacy Notice and in compliance with the relevant data protection regulation and law.

This notice provides you with the necessary information regarding your rights and obligations, and explains how, why and when Corin collects and processes your personal data.

If you are providing information to Corin on behalf of your business and the information includes personal data, please ensure that all relevant persons have access to this Privacy Notice.

Corin Underwriting Limited is a company registered in England and Wales (Registered number: 10149990) with a registered office at Cumberland House, 24-28 Baxter Avenue, Southend-On-Sea, Essex, SS2 6HZ. Corin Underwriting Limited is registered with the Information Commissioner’s Office (ICO) as a data controller and is listed on the Register of Data Controllers under registration number ZA219829.

Information That Is CollectedCorin processes personal data to meet its legal, statutory and contractual obligations and to provide you with Corin’s products and services. Corin will not collect any unnecessary personal data from you and will not process your data in any way, other than already specified in this notice.

How We Use Your Personal Data (Legal Basis for Processing)If you are a policyholder, prospective policyholder or claimant, Corin collects your personal data because the processing of your personal data is necessary for the performance of an insurance contract or because you (or your representative or employer) have asked Corin or its agent to take specific steps before entering into an insurance contract (such as asking Corin or its agent to provide an insurance quotation).

If you are a business partner, Corin website user, or if your relationship to Corin does not concern an insurance contract, Corin collects your personal data because it has legitimate interests for doing so.

Corin also collects and stores personal data as part of its legal obligations for anti-money laundering, fraud prevention, sanction checking, business accounting and tax purposes.

Corin only retains your data for as long as is necessary and for the purposes specified in this notice.

Corin does not use personal data for the purposes of automated decision-making.

Rights of Data SubjectsYou have the right to access the data held by Corin and to request information about: –

The purposes of the processing

The categories of personal data concerned

The recipients to whom the personal data has/will be disclosed

How long Corin intends to store the personal data for

Information about the source of the personal data (if Corin did not collect the data directly from you)

If you believe that Corin holds any incomplete or inaccurate data about you, you have the right to ask Corin to correct and/or complete the information. Corin will strive to update/correct it as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure of your personal data or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from Corin and to be informed about any automated decision-making that Corin uses.

To access your personal data or to request the information stated in this section, you can email datarequest@corin.com or write to:

If Corin receives a request from you to exercise any of the above rights, you may be asked to verify your identity before the relevant request is acted upon; this is to ensure that your data is protected and kept secure.

Corin will disclose personal data only in accordance with this Privacy Notice or when required by law. All data processors acting on behalf of Corin only process your data in accordance with instructions from Corin and comply fully with this Privacy Notice, the data protection laws and any other appropriate confidentiality and security measures.

From time to time, Corin may sell a business or a part of a business to another company. Corin may share personal data with purchasers and prospective purchasers or other parties in any actual or proposed, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of the business, assets or stock.

Safeguarding MeasuresCorin takes your privacy seriously and takes every reasonable measure and precaution to protect and secure your personal data. Corin works hard to protect personal data from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including SSL, network encryptions, pseudonymization and IT access restrictions.

Consequences of Not Providing Personal DataIf you are a policyholder or claimant, the provision of your personal data is a requirement necessary to enter into a contract of insurance or for the performance of a contract of insurance.

Failure to provide personal data in relation to an insurance policy when requested may result in breach of contract and may invalidate the policy or may cause Corin or the insurer to reject a claim made under the policy.

Prospective policyholders are not obliged to provide personal data prior to entering into a contract, however Corin will not be able to offer its products or services without it.

How Long We Keep Personal DataCorin only ever retains personal data for as long as is necessary and has strict review and retention policies in place to meet these obligations.

The nature of the insurance products provided by Corin may necessitate the retention of personal data for the duration of the coverage period under the relevant insurance policy (until it is no longer possible to make a claim under the policy).

Notwithstanding the above, in certain circumstances Corin may be required to retain personal data for a period of 6 years in accordance with tax law.

Special Categories of Personal DataOwing to the nature of the insurance products provided by Corin, Corin sometimes needs to request sensitive personal information relating to policyholders, insured persons, claimants or other third parties. This information may include health records, medical history and criminal convictions.

Where sensitive personal data is required, Corin will only request the information required for the specified purpose and will always ask for your explicit consent through a signature. You can modify or remove consent at any time, which Corin will act on immediately, unless there is a legitimate interest or legal reason for not doing so.

Lodging A ComplaintCorin will only process personal data in compliance with this Privacy Notice and in accordance with the relevant data protection laws. If, however, you wish to raise a complaint regarding the processing of your personal data or you are unsatisfied with how Corin has handled your information, you have the right to lodge a complaint with the supervisory authority.